1
00:00:00,790 --> 00:00:10,570
Now, HTTPS consists of communication over HTTP within a connection encrypted by TLS, Transport Layer

2
00:00:10,570 --> 00:00:15,490
Security, or its predecessor, SSL, the Secure Sockets Layer.

3
00:00:16,560 --> 00:00:23,070
The main motivation for HTTPS is authentication of the visited website and protection of the privacy

4
00:00:23,070 --> 00:00:25,060
and integrity of the exchanged data.

5
00:00:26,040 --> 00:00:31,260
So let's see how a typical encrypted connection between the server and the client is established.

6
00:00:32,180 --> 00:00:37,580
The client sends the information that the server needs to communicate with the client using SSL.

7
00:00:38,730 --> 00:00:44,580
This information contains the client's SSL version number, cipher settings and session-specific data.

8
00:00:45,870 --> 00:00:51,030
The server then sends the information that the client needs to communicate with the server over SSL.

9
00:00:52,030 --> 00:00:54,640
The server also sends its own cert.

10
00:00:55,990 --> 00:01:00,130
The client uses the information sent by the server to authenticate the server.

11
00:01:01,250 --> 00:01:08,300
So using all data generated in the handshake thus far, the client creates the premaster secret

12
00:01:08,300 --> 00:01:16,190
for the session, encrypts it with the server's public key, and then sends the encrypted premaster secret to the

13
00:01:16,190 --> 00:01:16,610
server.

14
00:01:17,510 --> 00:01:22,400
The server uses its private key to decrypt the premaster secret.

15
00:01:23,600 --> 00:01:28,880
And both the client and the server perform a series of steps to generate the master secret.

16
00:01:30,330 --> 00:01:37,350
Then they use the master secret to generate the session keys, which are symmetric keys used to encrypt

17
00:01:37,350 --> 00:01:42,470
and decrypt information exchanged during the SSL session and to verify its integrity.

18
00:01:43,920 --> 00:01:49,200
The client sends a separate message indicating that the client portion of the handshake is finished.

19
00:01:50,160 --> 00:01:55,950
And the server sends a separate message indicating that the server portion of the handshake is finished.